[prev in list] [next in list] [prev in thread] [next in thread]
List: bitcoin-dev
Subject: [bitcoin-dev] Goldfish: Spoofing wallet fingerprints to improve privacy
From: alicexbt via bitcoin-dev <bitcoin-dev () lists ! linuxfoundation ! org>
Date: 2023-10-16 5:00:32
Message-ID: GJFd9NY46XIhy6Oes3p5fThQv77xvpvqinLJh1M2Vxp-QY6ywneTz40QLuW9kWg_0wtlb-4iTxKukkVxtH75upJLz5eouc90O2uJGoXEQNk= () protonmail ! com
[Download RAW message or body]
Hi Bitcoin Developers,
### Problem
Wallet fingerprinting: Identifying the bitcoin wallet used to create the transaction
### Previous research
A) 0xB10C wrote a [blog post][0] in 2020 about wallet fingerprinting.
Most transactions followed the fee rate recommendations provided by Blockchain.com \
and had same characteristics, including using P2PKH outputs, having either one or \
two outputs created, a transaction version 1, and BIP-69 compliance.
Suggested solutions:
1. Randomness in fee rates
2. Broadening fingerprint
- Support receiving to and spending from different address types
- Time-lock some of the created transactions to the current block height
- Set a random transaction version when constructing the transaction
3. Spoofing
B) achow101 created a [tool][1] in 2022 to identify wallet from a bitcoin transaction
This tool focused on 2 fingerprints (bitcoin core and electrum) although lot of \
other bitcoin wallets are used. It is good proof of concept which can be improved \
further by adding more fingerprints in it.
C) I wrote a [blog post][2] about wallet fingerprinting based on nLocktime, nVersion \
used by different wallets.
D) ishaanam wrote a [blog post][3] recently based on her research about wallet \
fingerprinting which covers lot of things.
1. Fingerprints categorized into 4 types: Independent, Probabilistic, Dependent, \
and Temporal 2. Observations based on 8 bitcoin wallets:
- Bitcoin Core (v. 25.0)
- Electrum (v. 4.4.5)
- Blue Wallet (v. 6.4.6 iOS)
- Exodus (v. 23.7.2 iOS)
- Trust Wallet (v. 9. 0 iOS)
- Coinbase Wallet (v. 28.53 iOS)
- Trezor Suite (v. 23.7.2)
- Ledger Live (v. 2.64.2)
3. Fingerprints [table][4]
4. [Wallet Fingerprint Detector][5]
Conclusion:
> There is no clear cut solution to the issues discussed here. While some \
fingerprints would be trivial to eliminate,
> it will be difficult to eliminate fingerprinting entirely. Just because \
something is a fingerprint does not
> automatically mean that it should not be done by a wallet. For instance, all \
transactions of a wallet having a
> certain input order or change index should definitely be modified, but things \
like anti-fee-sniping and the spending > of taproot UTXOs are still worthwhile.
### Solution
A [tool][6] for spoofing wallet fingerprint. It is a proof of concept which can be \
improved further if everyone finds it useful. It supports nLocktime, nVersion and BIP \
69 ordering for 2 bitcoin wallets (electrum and blue). Users can enter PSBT and spoof \
its wallet fingerprint based on the option selected in dropdown list.
### Rationale
- As protocol developers continue to introduce changes that impact user privacy, \
such as the upcoming version 3 transactions, identifying wallets based on \
transaction becomes easier.
- All wallets will never have same fingerprint.
- For users who prioritize privacy, spoofing presents a viable solution.
- While similar techniques have been applied in the context of browser \
fingerprinting, they can also be adapted for bitcoin transactions.
Comparison with browser fingerprinting:
A browser fingerprint typically comprises various things such as the user agent, IP \
address, canvas fingerprint, WebGL information, installed fonts, timezone, screen \
resolution, cookie data, system info etc. In contrast, a wallet fingerprint for \
bitcoin transactions includes RBF signaling, transaction version, BIP 69 ordering, \
fee rate, change position and type etc.
If a tool can effectively spoof a browser fingerprint, same concept could be applied \
to bitcoin transactions as well. [Tor browser][7] protects against fingerprinting \
by making fingerprints of all users same irrespective of their device or OS. It's \
important to note that existing tools attempting to identify wallets from \
transactions include lot of false positives, and the introduction of spoofing could \
further increase their prevalence. This increased uncertainty in identifying wallet \
can make chain analysis difficult, ultimately enhancing privacy. Some \
privacy-focused wallets may even consider implementing this feature in wallets.
### Acknowledgement
0xB10C, achow101, ishaanam, pythcoiner and statusquont
[0]: https://b10c.me/observations/03-blockchaincom-recommendations/
[1]: https://github.com/achow101/wallet-fingerprinting
[2]: https://consentonchain.github.io/blog/posts/fingerprinting/
[3]: https://ishaana.com/blog/wallet_fingerprinting/
[4]: https://ishaana.com/blog/wallet_fingerprinting/fingerprints_final.png
[5]: https://github.com/ishaanam/wallet-fingerprinting
[6]: https://gitlab.com/1440000bytes/goldfish
[7]: https://blog.torproject.org/browser-fingerprinting-introduction-and-challenges-ahead/
/dev/fd0
floppy disk guy
Sent with Proton Mail secure email.
_______________________________________________
bitcoin-dev mailing list
bitcoin-dev@lists.linuxfoundation.org
https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic